Fake News: Could the Next Major Cyberattack Cause a Cyberwar?

In the way it undercuts trust, fake news is a form of cyberattack. Governments must work to stop it.

Fake news — we've all heard about it, but sometimes we struggle to grasp the extent of its impact.

With more people moving online and social media becoming the go-to news source, and with a good chunk of what is put on social media being fake, the reader must determine whether information is true or not. When people believe everything they read, the world becomes an unpredictable place.

In the past, we could easily choose which news source to follow and have a high level of confidence about its accuracy. Today, however, with news arriving to us in a social media feed, both trusted and fake news sources are merged together — and the consumer must decide whether or not to believe the news. With no clear indication of the truth or the source of news on social media, many countries, democracies, and nation-states will struggle with transparency and could become politically instable. It only takes one fake news story within a trustworthy source to devalue an entire news feed, forcing us to question what is real and what is not.

To put it bluntly, fake news is a form of cyberattack and will only grow significantly in 2018 and beyond.

Attribution, Transparency & ResponseFake information has become a major disruption to our way of life, filling our news feeds to influence our actions in an attempt to change the outcome of important decisions, including elections. Rather than focusing on the important needs of citizens — such as taxes, health, and education — many governments are now embroiled in trust and transparency challenges caused by the continuous disruption from cyberattacks. We have seen the governments in both the US and UK increasing focus and attention on recent cyber incidents with little to no transparency.

Many recent cyber incidents have involved the theft of huge amounts of personal and sensitive information that is then used to pursue and influence our nation's decision-making. Some notable cyber incidents — for example, breaches at Yahoo, Ashley Madison, and Equifax —exposed sensitive data that could be used via news feeds to trigger emotions and reactions. When a cyberattack from another nation-state tries to influence our way of life, our society, or our government, should this be considered an act of war?

Large troll factories and botnet farms are using our stolen personal information to guarantee that our news feeds are filled with fake information that attracts readers to respond and participate, creating a growing trend that encircles friends and family. This could start from a machine-controlled bot that wants you to share malicious information, influence your friends' decisions, and distrust your own government, creating divisions rather than giving you true information.

National Ownership & International CooperationIt's clear that cyberattacks are crossing country borders and disrupting our way of life, without nation-states taking responsibility. We hear about cybercriminal groups that are behind many of the major cyber incidents in recent years, including data breaches, ransomware, or the targeting of government agencies' classified information. Companies and governments have linked these cybercriminal groups to nation-states; for example, both FireEye and Symantec have accused North Korea of being behind the WannaCry ransomware, though they haven't revealed concrete evidence and North Korea has denied involvement. Without clear cooperation and transparency, this problem will grow with into increasing numbers of cyberattacks on critical infrastructure, political affiliations, financial institutions, and communications.

To prevent a major catastrophe from occurring, governments and nation-states need to work together on cyber attribution with full cooperation and transparency that holds each other responsible for the actions of criminal organizations operating from within their borders. At the recent World Economic Forum, it was announced that a new Global Centre for Cybersecurity will be launched. This should focus on establishing cooperation between governments so that attribution is possible in the future; if a cybercrime has been committed, the governments involved should work together, similar to the way Interpol works today. It is equally important that governments do not provide a safe haven for cybercriminals to carry out such attacks, especially when they are doing it for financial and political gains with and extreme aggression.

It is time for governments to act and protect democracy and our way of life.

Black Hat Asia returns to Singapore with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier solutions and service providers in the Business Hall. Click for information on the conference and to register.

Joseph Carson has more than 25 years' experience in enterprise security, is the author of Privileged Account Management for Dummies and Cybersecurity for Dummies, and is a cybersecurity professional and ethical hacker. Joseph is a cybersecurity adviser to several governments, ... View Full Bio

An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability...

In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response.

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on Windows,...

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.